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DETAILED ACTION 

1 . This action is in response to the communication filed on June 1 , 2001 . Claims 1 
- 12 were originally received for consideration. Per the received preliminary 
amendments, claims 13-16 have been added, and claims 11-12 have been cancelled. 
Claims 1-10, and 13-16 are currently being considered. 

Information Disclosure Statement 

2. An initialed and dated copy of the Applicant's IDS form 1449 has been attached 
to this Office action. 

Specification 

3. The disclosure is objected to because of the following informalities: "used" is 
misspelled on page 22, line 12 of the specification. 

Appropriate correction is required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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4. The term "some" in claim 1 is a relative term, which renders the claim indefinite. 
The term "some" is not defined by the claim, the specification does not provide a 
standard for ascertaining the requisite degree, and one of ordinary skill in the art would 
not be reasonably apprised of the scope of the invention. The term "some" should be 
replaced with a term that better defines the number or nature of the "instructions" that 
are being described in the limitation. The term "some" has been ignored for purposes of 
examinations. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1 -10, 13-16are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Leppek (U.S. Patent No. 5,933,501 ) in view of Kocher et al. (U.S. Patent No. 
6,278,783). 

Regarding claim 1 , Leppek discloses: 

A countermeasure method against attacks by differential analysis of current 
consumption in an electronic component using a cryptographic algorithm having a 
secret key, comprising the following steps: 
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' executing some instructions in the algorithm that are critical to said 
attacks with a first manipulating means to deliver output data on the basis of 
input data" (Figure 2, column 4 lines 7-51), wherein at least two different sequences of 
encryption operators are selected to encrypt the data; 

'executing others of said critical instructions with other manipulating 
means that are derived from said first manipulating means" (Figure 2, column 4 
lines 7-51). Leppek does not explicitly disclose that this manipulating means is by 
'complementation of at least one of the input data and said output data, so that 
the output data and the data derived from said output data are unpredictable." 
Kocher teaches a method of using DES to minimize information leak using smart cards 
and other cryptosystems, and discloses the ' complementation of data" (column 6 lines 
29-63, column 9 lines 5-23), where the complements are taken to prevent different 
sources of information leakage such as "observation of the power consumption and/or 
timing can reveal whether the carried bit in each round equal zero or one" (column 5 
lines 8-1 5). Leppek and Kocher are analogous arts in that both are concerned with 
providing cryptosystems that take measures to make data more unpredictable than 
using common encryption procedures. Leppek uses a series of encryption operators 
with a randomized order to obscure the encryption footprint, which exists, by using a 
particular encryption algorithm. Leppek stats "the encryption routines... need not be any 
particular type of encryption algorithm and may be conventional encryption operators, 
such as, PGP, DES, etc." Therefore it is obvious the modified DES presented by 
Kocher could be implemented in the encryption scheme of Leppek to prevent the 
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possibility that "observation of the power consumption and/or timing can reveal whether 
the carried bits in each round equal zero or one, revealing some or all of the key bits" 
(Kocher column 5 lines 7-15). Therefore it would have been obvious to one of 
ordinary skill in the art to combine the encryption operator of Kocher with the encryption 
scheme of Leppek in order to use an encryption operator in the sequence which 
prevents the usefulness of an attack which observes the power consumption and/or 
timing to determine whether the carried bits are zeroes or ones, which reveals the bits 
of the key. 

Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 1 ( wherein said "first and other 
manipulating means are selected for use on the basis of one-half probability 
statistical relationship" (column 4 lines 33-52), wherein in the simplest form, there are 
two different sequences of operators that can be selected randomly equating to a fifty 
percent probability that either sequence will be chosen. 

Claim 3 is rejected as applied above in rejecting claim 2. Furthermore, Leppek 
discloses a countermeasure method according to claim 2, wherein said "method 
comprises executing a first sequence and a second sequence, such that the 
order in which the sequences are executed is a function of the one-half 
probability statistical relationship" (Figure 2, column 4 lines 7-52), wherein there are 
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two different sequence of operators that can be selected randomly. Leppek does not 
explicitly disclose any particular encryption algorithm but states that they "need not be 
any particular type of encryption algorithm" (column 4 lines 10-17). Kocher discloses 
the use of a modified DES encryption algorithm which consists of sixteen rounds (Figure 
1), which can then incorporated in the different sequences of Leppek to produce an 
encrypted stream. Leppek and Kocher are analogous arts in that both are concerned 
with providing cryptosystems that take measures to make data more unpredictable than 
using common encryption procedures. Leppek uses a series of encryption operators 
with a randomized order to obscure the encryption footprint, which exists, by using a 
particular encryption algorithm. Leppek stats "the encryption routines... need not be any 
particular type of encryption algorithm and may be conventional encryption operators, 
such as, PGP, DES, etc." Therefore it is obvious the modified DES presented by 
Kocher could be implemented in the encryption scheme of Leppek to prevent the 
possibility that "observation of the power consumption and/or timing can reveal whether 
the carried bits in each round equal zero or one, revealing some or all of the key bits" 
(Kocher column 5 lines 7-15). Therefore it would have been obvious to one of 
ordinary skill in the art to combine the encryption operator of Kocher with the encryption 
scheme of Leppek in order to use an encryption operator in the sequence which 
prevents the usefulness of an attack which observes the power consumption and/or 
timing to determine whether the carried bits are zeroes or ones, which reveals the bits 
of the key. 
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Claim 4 is rejected as applied above in rejecting claim 3. Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 3, wherein 'each of the first and 
second sequences is made up of the first three rounds 1 (column 4 lines 10-23), 
wherein the encryption operators can be of any type including DES, and further, can 
include any number of rounds that are in each of the respective encryption operators. 

Claim 5 is rejected as applied above in rejecting claim 3. Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 3. Leppek does not explicitly state 
"other manipulating means consist of second means such that, for the same 
input data, the complement of the output data of the first manipulating means is 
produced as output data." Kocher teaches a method of using DES to minimize 
information leak using smart cards and other cryptosystems, and discloses the 
"complementation of the output data" (column 6 lines 29-63, column 9 lines 5-23), 
where the complements are taken to prevent different sources of information leakage 
such as "observation of the power consumption and/or timing can reveal whether the 
carried bit in each round equal zero or one" (column 5 lines 8-15). This complementing 
of data, complements the data either at the beginning or the end, thus producing a 
complemented output data stream (column 9 lines 5-23). Leppek and Kocher are 
analogous arts in that both are concerned with providing cryptosystems that take 
measures to make data more unpredictable than using common encryption procedures. 
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Leppek uses a series of encryption operators with a randomized order to obscure the 
encryption footprint, which exists, by using a particular encryption algorithm. Leppek 
stats "the encryption routines... need not be any particular type of encryption algorithm 
and may be conventional encryption operators, such as, PGP, DES, etc." Therefore it is 
obvious the modified DES presented by Kocher could be implemented in the encryption 
scheme of Leppek to prevent the possibility that "observation of the power consumption 
and/or timing can reveal whether the carried bits in each round equal zero or one, 
revealing some or all of the key bits" (Kocher column 5 lines 7-15). Therefore it would 
have been obvious to one of ordinary skill in the art to combine the encryption operator 
of Kocher with the encryption scheme of Leppek in order to use an encryption operator 
in the sequence which prevents the usefulness of an attack which observes the power 
consumption and/or timing to determine whether the carried bits are zeroes or ones, 
which reveals the bits of the key. 

Claim 6 is rejected as applied above in rejecting claim 2. Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 2, wherein said "method 
comprises executing a first sequence and a second sequence, such that the 
order in which the sequences are executed is a function of the one-half 
probability statistical relationship" (Figure 2, column 4 lines 7-52), wherein there are 
two different sequence of operators that can be selected randomly. Leppek does not 
explicitly disclose any particular encryption algorithm but states that they "need not be 
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any particular type of encryption algorithm" (column 4 lines 10-17). Kocher discloses 
the use of a modified DES encryption algorithm which consists of sixteen rounds (Figure 
1), which can then incorporated in the different sequences of Leppek to produce an 
encrypted stream. Leppek and Kocher are analogous arts in that both are concerned 
with providing cryptosystems that take measures to make data more unpredictable than 
using common encryption procedures. Leppek uses a series of encryption operators 
with a randomized order to obscure the encryption footprint, which exists, by using a 
particular encryption algorithm. Leppek stats "the encryption routines.. .need not be any 
particular type of encryption algorithm and may be conventional encryption operators, 
such as, PGP, DES, etc." Therefore it is obvious the modified DES presented by 
Kocher could be implemented in the encryption scheme of Leppek to prevent the 
possibility that "observation of the power consumption and/or timing can reveal whether 
the carried bits in each round equal zero or one, revealing some or all of the key bits" 
(Kocher column 5 lines 7-15). Therefore it would have been obvious to one of 
ordinary skill in the art to combine the encryption operator of Kocher with the encryption 
scheme of Leppek in order to use an encryption operator in the sequence which 
prevents the usefulness of an attack which observes the power consumption and/or 
timing to determine whether the carried bits are zeroes or ones, which reveals the bits 
of the key. 

Claim 7 is rejected as applied above in rejecting claim 6. Furthermore, Leppek 
discloses: 
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A countermeasure method according to claim 6, wherein "each of the first and 
second sequences is made up of the last three rounds 1 (column 4 lines 10-23), 
wherein the encryption operators can be of any type including DES, and further, can 
include any number of rounds that are in each of the respective encryption operators; 
and 

"wherein the other manipulating means used in the second sequence 
comprise second manipulating means and a third manipulating means" (column 4 
lines 10-23), wherein there can be a number of different encryption operators in each 
sequence, which each include different means for changing (manipulating) the data. 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 7, wherein "said second 
manipulating means are used in the second sequence for the fourteenth round' 
(column 4 lines 10-23), wherein the encryption operators can be of any type including 
DES, and further, can include any manipulation in any of the rounds, including the 
fourteenth round of the respective encryption operation. Leppek does not explicitly 
disclose "second manipulating means are such that, for the same input data, the 
complement of the output data of the first manipulating means is produced as 
output data" Kocher teaches a method of using DES to minimize information leak 
using smart cards and other cryptosystems, and discloses the "complementation of 
the output data" (column 6 lines 29-63, column 9 lines 5-23), where the complements 
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are taken to prevent different sources of information leakage such as "observation of the 
power consumption and/or timing can reveal whether the carried bit in each round equal 
zero or one" (column 5 lines 8-15). This complementing of data, complements the data 
either at the beginning or the end, thus producing a complemented output data stream 
(column 9 lines 5-23). Leppek and Kocher are analogous arts in that both are 
concerned with providing cryptosystems that take measures to make data more 
unpredictable than using common encryption procedures. Leppek uses a series of 
encryption operators with a randomized order to obscure the encryption footprint, which 
exists, by using a particular encryption algorithm. Leppek stats "the encryption 
routines. ..need not be any particular type of encryption algorithm and may be 
conventional encryption operators, such as, PGP, DES, etc." Therefore it is obvious the 
modified DES presented by Kocher could be implemented in the encryption scheme of 
Leppek to prevent the possibility that "observation of the power consumption and/or 
timing can reveal whether the carried bits in each round equal zero or one, revealing 
some or all of the key bits" (Kocher column 5 lines 7-15). Therefore it would have 
been obvious to one of ordinary skill in the art to combine the encryption operator of 
Kocher with the encryption scheme of Leppek in order to use an encryption operator in 
the sequence which prevents the usefulness of an attack which observes the power 
consumption and/or timing to determine whether the carried bits are zeroes or ones, 
which reveals the bits of the key. 
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Claim 9 is rejected as applied above in rejecting claim 8. Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 8, wherein "said third manipulating 
means are used in the second sequence for the fifteenth and the sixteenth round" 
(column 4 lines 10-23), wherein the encryption operators can be of any type including 
DES, and further, can include any manipulation in any of the rounds, including the 
fourteenth round of the respective encryption operation. Leppek does not explicitly 
disclose "second manipulating means are such that, for the same input data, the 
complement of the output data of the first manipulating means is produced as 
output data" Kocher teaches a method of using DES to minimize information leak 
using smart cards and other cry ptosy stems, and discloses the ' complementation of 
the output data" (column 6 lines 29-63, column 9 lines 5-23), where the complements 
are taken to prevent different sources of information leakage such as "observation of the 
power consumption and/or timing can reveal whether the carried bit in each round equal 
zero or one" (column 5 lines 8-15). This complementing of data, complements the data 
either at the beginning or the end, thus producing a complemented output data stream 
(column 9 lines 5-23). Leppek and Kocher are analogous arts in that both are 
concerned with providing cryptosystems that take measures to make data more 
unpredictable than using common encryption procedures. Leppek uses a series of 
encryption operators with a randomized order to obscure the encryption footprint, which 
exists, by using a particular encryption algorithm. Leppek stats "the encryption 
routines. ..need not be any particular type of encryption algorithm and may be 
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conventional encryption operators, such as, PGP, DES, etc." Therefore it is obvious the 
modified DES presented by Kocher could be implemented in the encryption scheme of 
Leppek to prevent the possibility that "observation of the power consumption and/or 
timing can reveal whether the carried bits in each round equal zero or one, revealing 
some or all of the key bits" (Kocher column 5 lines 7 - 15). Therefore it would have 
been obvious to one of ordinary skill in the art to combine the encryption operator of 
Kocher with the encryption scheme of Leppek in order to use an encryption operator in 
the sequence which prevents the usefulness of an attack which observes the power 
consumption and/or timing to determine whether the carried bits are zeroes or ones, 
which reveals the bits of the key. 

Claim 10 is rejected as applied above in rejecting claim 1 . Furthermore, Leppek 
discloses: 

A countermeasure method according to claim 1 . Leppek does not explicitly 
disclose "manipulating means are constants tables." Kocher teaches the use of 
tables to manipulate data (column 7 lines 15-65), wherein the tables are used as a 
method to minimize information leakage when using a electric component such as a 
smart card. The tables are filled with parameters (constants), which are preferably 
updated so that attackers cannot obtain the contents of the table by analysis of 
measurements. The Leppek and Kocher are analogous arts in that both are concerned 
with providing cryptosystems that take measures to make data more unpredictable than 
using common encryption procedures. Leppek uses a series of encryption operators 
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with a randomized order to obscure the encryption footprint, which exists, by using a 
particular encryption algorithm. Leppek stats "the encryption routines.. .need not be any 
particular type of encryption algorithm and may be conventional encryption operators, 
such as, PGP, DES, etc." Therefore it is obvious the modified DES presented by 
Kocher could be implemented in the encryption scheme of Leppek to prevent the 
possibility that "table lookup operations leak information about the address of the 
memory lookup and the value that is returned" (Kocher column 5 lines 30 - 41). 
Therefore it would have been obvious to one of ordinary skill in the art to combine the 
encryption operator of Kocher with the encryption scheme of Leppek in order to use an 
encryption operator in the sequence, which prevents the table lookup from leaking 
information about the address of the memory lookup and the returned value. 

Claim 16 is rejected as applied in rejecting claim 13. Furthermore, Leppek discloses: 

The electric component of claim 13. Leppek does not explicitly disclose that the 
countermeasure method is implemented on a "smart card 1 . Kocher discloses that the 
technique of improving the DES against external monitoring attacks is "implementable in 
cryptographic smartcards" (Abstract). The encryption scheme of Leppek is used to 
encrypt data communications, which is analogous to the purpose of the invention of 
Kocher, who aims to more securely perform cryptographic processing. It is well-known 
in the art to use smart cards to carry and send data, because they are portable and can 
be associated with one user. Therefore it would have been obvious to one of ordinary 
skill in the art at the time the invention was made to implement the encryption scheme 
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of Leppek on a smart card as disclosed by Kocher to secure (encrypt) the data being 
processed on the smart card to prevent attackers from obtaining secret information. 
The implementation of the encryption scheme of Leppek on the smart card would allow 
information to be portable and allow the processing of that information to be secure. 

6. Claims 13-15 are apparatus claims analogous to the method claims 1-10 rejected 
above, and therefore, are rejected following the same reasoning. 
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Conclusion 



7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 



supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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